Published 7 months ago
Published 7 months ago
xiaobing.wang
Updated 3 months ago
3
Some professional users may encounter a connection error when activating a license key. This error indicates a communication issue between your SafeLine server and our license server. Follow the steps below to find and resolve the issue.
First, set the license server domain based on your WAF version:
1# For WAF version >= 8.0.0 2LICENSE_SERVER="safeline.stream.safepoint.cloud" 3 4# For WAF version < 8.0.0 5LICENSE_SERVER="safeline-cloud.chaitin.com"
Run a telnet
test on the SafeLine server to check if the network is functioning properly. If you see Connected to $LICENSE_SERVER
, the host network is working correctly.
1$ telnet $LICENSE_SERVER 50052 2Trying 120.26.93.124... 3Connected to $LICENSE_SERVER. 4Escape character is '^]'. 5^C 6Connection closed by foreign host.
If the connection fails, check if the host has internet access and if the cloud provider's security group allows outbound traffic.
The SafeLine licensing client runs inside the safeline-mgt
container. If the host network is working, confirm that the container can access the internet. Since telnet
is not available in the mgt
container, use ping
to check network connectivity:
1$ docker exec safeline-mgt ping $LICENSE_SERVER 2PING $LICENSE_SERVER (120.26.93.124): 56 data bytes 364 bytes from 120.26.93.124: seq=0 ttl=44 time=32.424 ms 464 bytes from 120.26.93.124: seq=1 ttl=44 time=32.374 ms
If ping
fails, analyze traffic flow as follows:
Inspect outbound rules for any DROP
entries:
1iptables -L -v -n --line-numbers
Capture TCP traffic between the server and the licensing server to determine if the handshake completes successfully.
1$ tcpdump -i any -nn host $LICENSE_SERVER
Example output:
16:45:45.253527 eth0 Out IP 172.22.189.247.42790 > 120.26.93.124.50052: Flags [S], seq 808064468, win 64240, options [mss 1460,sackOK,TS val 1020606707 ecr 0,nop,wscale 7], length 0
16:45:45.283391 eth0 In IP 120.26.93.124.50052 > 172.22.189.247.42790: Flags [S.], seq 3474622497, ack 808064469, win 65160, options [mss 1460,sackOK,TS val 1564198957 ecr 1020606707,nop,wscale 7], length 0
iptables -t nat
rules.Start by capturing packets to confirm if SYN packets are sent successfully, then use iptables and conntrack tools for further debugging.
Masiyus94
Updated 19 days ago
0
00020101021226650013ID.NETZME.WWW01189360081401001050240215ID10253992142340303UKE51440014ID.CO.QRIS.WWW0215ID10253992142340303UKE5204573453033605405200005802ID5914Kyoka Computer6013JAKARTA PUSAT61051015062690703A010812qris_invoice994200020001329b6d2ce436214ad0a0b8929723cfc3026304621A
Masiyus94
Updated 19 days ago
0
00020101021226650013ID.NETZME.WWW01189360081401001050240215ID10253992142340303UKE51440014ID.CO.QRIS.WWW0215ID10253992142340303UKE5204573453033605405200005802ID5914Kyoka Computer6013JAKARTA PUSAT61051015062690703A010812qris_invoice994200020001329b6d2ce436214ad0a0b8929723cfc3026304621A